Understanding IaaS + Citrix Secure Digital Perimeter & Workspaces deployed in a Public, Hybrid or Private Cloud world powered by Citrix Cloud https://citrix.cloud.com/ + Serverless for Web Apps from LAMP by https://twitter.com/lyndonjonmartin
Upgrading clients to Citrix Workspace app Smart devices (Mobile)
The Citrix Receiver to Workspace upgrade on smart device(s) is simple, the app store of your chosen smart device e.g iPhone will notify you of any/all pending mobile app updates and you can simply tap to begin the upgrade as seen in the below short video. I’d like to point out this is my personal bring-your-own (BYO) device so it’s not enrolled into the corporate UEM solution as I consume + access corporate LOB apps when right vs. relevant in emergency scenario’s via my corporate Windows 10 Citrix virtual desktop (XenDesktop), Slack is for the Citrix Technology Advocate (CTA) and iGel Community channels and ShareFile Workflows, Citrix SSO is for testing purposes.
PC, Mac, Linux (Machines/Laptops/Devices)
Now lets take a look at traditional/current workplace end-points that we consume as when/how within our workspace. The example below depicts me as a Citrix SysAdmin (lets test this prior to a PROD rollout organisation wide) so download the Citrix Workspace app installer from – https://www.citrix.com/downloads/workspace-app/ for your choosen end-point, and be sure to visit eDocs at – https://docs.citrix.com/en-us/citrix-workspace-app.html to check out the deployment configuration options for your organisations supported end-point(s) strategy e.g Thin Clients, CYO, BYO, Corporate issued.
What can I do with Citrix Workspace app?
Begin exploring the Citrix Workspace app web page at – https://www.citrix.com/products/workspace-app/ to learn about the business outcomes, transformation capabilities now enabled by IT (not just a cost centre anymore) and end-user value + benefits + experience. If you are short on time then watch the below embedded video which provides a brief overview in little over a minute, however if you do have time then please read this blog post entitled “Citrix Workspace App – Answers to Your Burning Questions” on Citrix.com – https://www.citrix.com/blogs/2018/06/01/citrix-workspace-app-answers-to-your-burning-questions/ and be sure to read the comments section at the bottom of the blog post.
The views expressed here are my own and do not necessarily reflect the views of Citrix.
Today I received my new Mac, yes I’ve decided to move from a PC to a Mac for various reasons (those whom know me are probably going really!?) but I still have a Windows 10 tablet PC which I use regually at home, but most importantly my Windows 10 Citrix issued virtual desktop powered by XenDesktop (Citrix on Citrix) follows me anywhere with Citrix Receiver or the HTML5 Citrix Receiver!
I didn’t even turn on my old PC I just started working within less than 15 min from my new MacBook connected to my Win10 VD via Receiver and i’ll just sort out what I need locally like Reflector, NAMP e.t.c over the weekend as its a busy week post our local partner event Citrix Partner Accelerator.
What Did I Do?
1. Unboxed my new Macbook
2. Plugged in the power and pushed the power button its been a while since I’ve heard that CHIME 🙂
3. Completed Apples on-boarding process including setting up iCloud including connecting to the Citrix employee Wi-Fi from our London, Paddington offices check it out at – https://twitter.com/CitrixUK/status/834742107055259650
4. Next I opened Safari and navigated to http://receiver.citrix.com and it auto detected for me that I am connecting from a Mac and presented me with a download link to Receiver for Mac 12.4.
5. Once downloaded I installed it simple!
6. Opened Citrix Receiver and i entered in my addr which then prompted me for my Citrix employee username, passwd and 2FA Token
7. BOOM Receiver synced all my virtual apps & desktops that I had previously selected on other device(s) within a few moments of signing in
8. I clicked on my Windows 10 Virtual Desktop powered by XenDesktop and my new mobile #SecureWorkspace is ready to go within less than 15 minutes!
10. The most difficult to justify probably re the cost(s) but assigning a low end vGPU GRID profile or utilising the Intel Iris Pro Graphics with XenServer 7 to provide enough/suitable GPU capacity to all virtual apps & desktops (oldISH and modern) provides a much better experience so setup a PoC to see and try if for yourself and finally NVidia now supports H.264 offloading onto there GRID Cards in 7.11 🙂 – http://docs.citrix.com/en-us/xenapp-and-xendesktop/7-11/whats-new.html#par_anchortitle_59c9.
The following content is a brief and unofficial overview of the new HDX policy setting that enables HDX Adaptive Display v2. The views, opinions and concepts expressed are those by the author of this entry only and do not necessary conform to industry descriptions, best practises. The views expressed here are my own and do not necessarily reflect the views of Citrix.
In the release of XAD 7.11 (Seven11) a new Thinwire HDX policy was released which is part of the following policy Use video codec for compression” with the following option selected “For actively changing regions” which enables HDX Adaptive Display v2 – http://docs.citrix.com/en-us/xenapp-and-xendesktop/7-11/whats-kmnew.html#par_anchortitle_59c9 which blends the following Citrix HDX Graphics modes H.264 & Thinwire Compatible Mode together to offer the best UX but also to provide a balanced apporach by implementing the most right vs. relevant HDX graphics mode to offer the best rich & HD experience or near to local-like experience while balancing all compute, network resources between the server and or desktop VDA over the organisational network, internet to the users end-point.
Understanding Actively Changing Regions
If you take a look at the below example of a YouTube web page (rendered in HTML in Oct 2016) e.g delivered as a virtual app published internet browser or a virtual desktop and you access the above YouTube web page HDX Adaptive Display v2 will selectively utilise H.264, Thinwire and overlay lossless text.
The following content is a brief and unofficial prerequisites guide to setup, configure and test delivering virtual apps and desktops powered by XenApp 7.8 in AWS EC2 prior to deploying in a PoC, Pilot or Production environment by the author of this entry. The views, opinions and concepts expressed are those by the author of this entry only and do not necessary conform to industry descriptions or best practises. The views expressed here are my own and do not necessarily reflect the views of Citrix.
AMAZON WEB SERVICES – aws
SECRUITY GROUPS – sg
ELASTIC COMPUTE CLOUD – ec2
HYBRID CLOUD PROVISIONING – hcp
XENAPP – xa
XENDESKTOP – xd
XENAPP/XENDESKTOP – xad
VIRTUAL DELIVERY AGENT – vda
HIGH DEFINITION EXPERIENCE – hdx
INDEPENDENT COMPUTING ARCHITECTURE – ica
FEATURE PACK – fp
EXPERIENCE 1st – x1
VIRTUAL DESKTOP – vd
VIRTUAL APPS – va
INFRASTRUCTURE AS A SERVICE – iaas
CITRIX WORKSPACE CLOUD – cwc
CITRIX LIFECYCLE MANAGEMENT – clm
THINWIRE COMPATIBLE MODE – tcm also known as ecm
Experience Deploying My 1st Virtual Desktop & Apps in AWS
The following screenshot is of a virtual desktop (Windows Server 2012 R2 powered by XenApp 7.8) hosted in AWS EC2 located in N.Virginia, US delivered Windows 8.1 (Yes I know I need to get to Win 10 :-)) laptop running Citrix Receiver Windows 4.4 in London, England with the HDX Thinwire Compatible Mode graphics mode configured with a Preferred Color Depth set to 16-Bit and the performance is very good considering what Ive configured I then adjusted my HDX policies to then switch to HDX SuperCodec (H.264) the UX gets even better providing an even closer HD local like experience in my personal view only so give it ago for yourself.
The HDX policies overview is documented below so for now back to my experience deploying XenApp 7.8 on AWS.
It was substantially easier than I anticipated or even expected as the AWS documentation is easy to understand I believe however that maybe due to the fact I used to previously work for a Managed Services ISP in City of London so many concepts related to Managed Hosting, IaaS, Private and Hybrid Cloud come quiet naturally to me.
Introduction to Provisioning XenApp Workloads on AWS EC2
Citrix has had the capability to deploy virtual applications and desktops powered by XenApp 6-7.x.n for quiet sometime utilising the traditional Manual CTX SysAdmin approach then Citrix introduced a concept entitled Hybrid Cloud Provisioning (HCP) under the unified FMA architecture for XAD some time ago which allows CTX SysAdmins the capability to expand there existing Citrix workloads e.g virtual apps and desktops (server based only) to IaaS providers e.g AWS or often generically referred to as the Cloud by adding in a secure new hosting connection within Studio for AWS the requirements include providing the Connection URL, API key and Secret key from your AWS EC2 account ref – http://docs.citrix.com/en-us/xenapp-and-xendesktop/7-6/xad-connections.html. You can utilise this exact same concept to provision XenApp based workloads from within a AWS EC2 XenApp 7.x FMA Site as described in detail in the following deployment guide entitled “Deploy XenApp 7.5 and 7.6 and XenDesktop 7.5 and 7.6 with Amazon VPC” available at – http://support.citrix.com/article/CTX140427. Finally if I have not explained well enough what hybrid cloud provisioning actually is powered by XenApp 7.x then this short and simple YouTube video from Citrix below should hopefully re-enforce your understanding of HCP.
You can still utilise hybrid cloud provisioning within XenApp 7.8 today and Citrix continues to evolve with its next generation cloud 1st approach of provisioning of Citrix workloads within IaaS, Private and Hybrid clouds with Citrix Workspace Cloud (CWC) its now known as Citrix Cloud. How does it work? Once more there is a fantastic YouTube video which demonstrates setting up, configuring, publishing and delivering a Windows virtual application utilising CWC by one of Citrix’s CTO its well worth watching!
Finally you can utilise Citrix Lifecycle Management (CLM) to automate the deployment and auto scaling of your Citrix workloads on AWS EC2, however this topic is currently not in scope for this blog article however I may update this blog article in the future to include provisioning XenApp on AWS EC2 powered by Citrix Lifecycle Management (CLM).
Pre-requisites & System Requirements for Deploying a XA 7.8 PoC in AWS EC2 (Draft + The Basic’s Only)
0. Check that your XAD license entitlement is correct at – https://www.citrix.com/go/products/xendesktop/feature-matrix.html to provision XenApp workloads on AWS EC2. As of writing and publishing this blog article you require XenApp or XenDesktop Enterprise or above licensing in order to provision workloads on AWS and also Azure.
1. You need an AWS account, Credit card
2. Choose your EC2 region e.g N.Virgina
3. Create your “Security Groups” which acts as a virtual firewall for ICA 1494, 2598 Session Reliability, HTTPS 443, RDS 3389 (SysAdmin access)
4. Lunch an single instance from the EC2 dashboard under “Create Instance” this will be your mgmt. VM
5. Decrypt the passwd & login your mgmt. VM install your require roles e.g AD, DNS as a min requirement for XA 7.x
6. Lunch another single instance from the EC2 dashboard under “Create Instance” this will be your XA PoC VM
7. Download the media from Citrix.com and any FP’s and install all the components onto your XA PoC VM (Studio, Director, Controller, MS SQL Express, StoreFront, License server)
7. Install the latest VDA (existing connections) once ready launch Studio and create your Site, configure your machine catalogue and delivery groups.
8. Modify SFS default.ica file to include your external static IP and check your Windows f/w rules to ensure 1494 is correctly configured to allow traversing NAT’s
9. Navigate to https://AWS-XA-PoC-VM/Citrix/StoreWeb/ and login as a domain admin or user and launch a virtual app and or desktop.
10. Shutdown and turn off your VM’s within your AWS VPC when you are finished with your tests to ensure that your cost(s) are kept to a minimum.
Begin with the following HDX policies listed below to enable TCM/ECM/Thinwire+/Thinwire Compatible Mode and be sure to check out CTX202687 described below in-line with the Very High Definition Experience HDX Policy template.
Preferred color depth for simple graphics
24 bits per pixel
Target frame rate
Use video codec for compression
Do not use Video codec
Force ECM on explicitly by turning H.264 off (Testing)
2. Configuring the super codec (H.264) is actually very easy select the Very High Definition Experience form the HDX templates in Studio and create a policy from it applying again to your test security group (preferred) or domain users it’s your choice. Please note that this policy will enable H.264 however it will default to TCM if you connect from a device that does not support H.264.
3. Finally for all those advanced CTX consultants and SysAdmins out there check the following CTX article – http://support.citrix.com/article/CTX202687 entitled “HDX Graphics Modes – Which Policies Apply to DCR/Thinwire/H.264 – An Overview for XenDesktop/XenApp 7.6 FP3” which documents each policy for each HDX encoding or graphics mode supporter by XAD 7.8
The following content is a brief and unofficial prerequisites guide to setup, configure and test HDX Broadcast now with Thinwire Compatible Mode with XAD 7.3 FP3+ prior to deploying in a PoC, Pilot or Production environment by the author of this entry. The views, opinions and concepts expressed are those by the author of this entry only and do not necessary conform to industry descriptions or best practises.
My Own View/Opinion
ThinWire Compatible Mode can be implemented to replace the Citrix SuperCodec (H.264) in my personal opinion for numerous use cases hOwEvEr based upon your organisations end-user use cases and or scenario’s by department and role you should always test which graphics mode/encoder(s) are most suitable within your environment by department or role to meet your end-user’s X1 UX expectations on a daily basis.
What is Thinwire Compatible Mode?
If your new to Citrix I’d suggest that before reading any further to get a better understanding of what Thinwire Compatible Mode (TCM) is and does i’d suggest that you read the following entitled “HDX technologies for optimizing application and desktop delivery” available at – http://www.citrix.com/content/dam/citrix/en_us/documents/products-solutions/citrix-hdx-technologies.pdf. Its the latest graphics encoder/mode available within Citrix XAD 7.6 FP3 supported on the following OSes Windows 8.x, 10 and Windows Server 2012 R2.
Use Cases for TCM
1. Lower powered endpoint devices that can support Receiver but do not support Citrix’s SuperCodec which requires an H.264 decoder
2. Delivery of virtual apps and desktops over low bandwidth networks e.g remote branch offices that have limited internet uplink capacity based upon there geographic location i.e. ISDN, 3/4G or low capacity ADSL.
3. Delivery of 3D apps over LAN networks offers a great X1 UX which a fuzzy-first approach as described at – http://docs.citrix.com/en-us/xenapp-and-xendesktop/7-6/xad-hdx-landing/thinwire-compatibility-mode.html search for “Build to lossless” on that web page. You should always thoroughly test between both TCM/H.264 graphics modes to ensure that your end-users X1 UX meets there expectations and requirements day to day.
4: Greater user density on Windows Server 2012 R2 for XenApp based workloads.
– Intelligent bitmap matching for a bitmap-only provider. As much as possible, previously sent bitmaps are reused resulting in lower bandwidth.
– Emulated 16-bit mode, further reducing bandwidth for typical workloads.
– Ultra-low server CPU usage, improving scalability.
– Designed for port to Linux (already used by the Citrix Linux VDA)
Demonstration of Thinwire Compatible Mode
Pre-requisites & System Requirements for Deploying a Basic/Intro Thinwire Compatible Mode policy (Draft + The Basic’s Only)
1: Download and install the latest component’s for XAD 7.6 FP3 within a test/poc environment and not in a PROD environment!
2: Currently the XAD 7.6 FP3 VDA’s provide support for TCM with the following Windows OSes Windows 8.x, Windows 10 and Windows Server 2012 R2 OSes.
3: Citrix Receiver You can utilise the latest or older Citrix Receiver’s including the HTML5 Receiver with Thinwire Compatible Mode encoder.
4: Create the following policy in Studio below to enable TCM within a ICA/HDX session:
– Create a new policy
– Search for the following policy entitled “Use video codec for compression” select it and set the following value – “Do not use Video codec” which will force the ICA/HDX session to utilise Thinwire Compatibility Mode.
– Assign the policy to your test “Delivery Group” with either a virtual desktop (Win 8.x, 10 or Server 2012 R2) and save the new policy.
– Login to ReceiverforWeb or Citrix Receiver and launch your virtual desktop ensure that your test user was assigned to the test delivery group which you assigned the TCM policy to/against.
Tuning Thinwire Compatible Mode
You can easily tune TCM to utilise less bandwidth with a single policy entitled “Preferred colour depth for simple graphics” but still delivery a really good eXperience 1st User eXperience for your end-users. Simply modify the TCM policy that your created earlier in this blog article and search for and add “Preferred colour depth for simple graphics” and select either “16 bits per pixel” or “24 bits per pixel” then click next and next again saving the policy. Now disconnect from your existing ICA/HDX session to your test virtual desktop and re-launch it and if you’ve opted for 16 bits per pixel in the policy above you’ll notice a difference straight away BUT the UX is still acceptable graphically for knowledge/task workers and more importantly its still as responsive and usable.
There are obviously many other policies that can be applied to make even more efficiencies so for a full list including detailed notes of what to configure please refer to and check out the following CTX article entitled “HDX Graphics Modes – Which Policies Apply to DCR/Thinwire/H.264 – An Overview for XenDesktop/XenApp 7.6 FP3” available at – http://support.citrix.com/article/CTX202687. I have embedded the basics into a simple HTML table below with how to explicitly enable ECM for testing purposes.
* Please do not use this link unless your app store on your iOS device(s) is configured to the UK. If your in another country please from your iOS device open the Apple app store and search for Citrix Receiver and tap to install it.
The following content is a brief and unofficial prerequisites guide to setup, configure and test XenApp 7.6, XernDesktop 7.6 prior to deploying in a PoC, Pilot or Production environment by the author of this entry. The views, opinions and concepts expressed are those by the author of this entry only and do not necessary conform to industry descriptions or best practises.
XENAPP – xa
XENDESKTOP – xd
VIRTUAL DELIVERY AGENT – vda
LIGHT WEIGHT DIRECTORY PROTOCOL – ldap
ACTIVE DIRECTORY – ad
CERTIFICATE SIGNING REQUEST – csr
CONNECTION LEASING – cl
FULLY QUALIFIED DOMAIN NAME – fqdn
RECEIVER FOR WEB – rfw
CERTIFICATE AUTHORITY – ca
STOREFRONT SERVICES – sfs
PUBLIC KEY INFRASTRUCTURE – pki
NETSCALER GATEWAY – nsg
SECURE TICKET AUTHORITY – sta
DOMAIN NAME SERVER – dns
DYNAMIC HOST CONFIGURATION PROTOCOL – dhcp
FEATURE PACK – fp